FRITZ!Box Router Guide
FRITZ!Box Routers
FRITZ!Box routers have support for both Legacy IPv4 DNS resolvers and DNS-over-TLS (DoT) resolvers.
When using Control D on your router, we recommend the DoT configuration as it is more secure.
DNS-over-TLS (DoT)
DNS-over-TLS offers more security than the Legacy DNS approach and can be enabled easily on the FRITZ!Box router.
Step 1
Open the FRITZ!Box router interface by navigating to it in your browser. You can reach it via fritz.box.
Step 2
Expand the Internet section in the sidebar and select Account Information.
Step 3
Select the DNS Server tab at the top.
Step 4
You will now need to configure the options for Your DoT setup:
- a. Under Public DNS Servers, disable the Fallback to public DNS servers option
- b. Under DNS over TLS enable the Encrypted name resolution option
- c. Enable the Force certificate check option
- d. Disable the Allow fallback to non-encrypted name resolution option.
This is the most secure DNS configuration. With these options, your router will only use the DoT resolver for DNS queries. If DNS resolution stops working with the DoT resolver, then the router will not be able to resolve any domains.
Step 5
Now you'll need to fetch your account's DNS resolvers, you can find your custom DNS details in the Manage Profiles and Devices section. Best thing to do, is create a new FRITZ!Box Router Device, which will generate unique resolvers for it.
Step 6
Below the checkbox options in the router interface, you'll see the field to enter the DoT resolver. Use the resolver from the Control D router device you setup and paste it into the field.
Step 7
Once you've added the DNS resolver to the list, at the bottom of the page press Apply.
After the router saves the configuration, you are using Control D on your network!
Keep in mind that if you configure a custom DNS on any of the individual devices connected to this router, those devices will not be using the DNS you configured here.
Legacy DNS
Follow the steps below to configure the Legacy DNS IP on your FRITZ!Box router.
Step 1
Open the FRITZ!Box router interface by navigating to it in your browser. You can reach it via fritz.box.
Step 2
Expand the Internet section in the sidebar and select Account Information.
Step 3
Select the DNS Server tab at the top.
Step 4
Now determine which DNS resolver you want to use.
Free Resolver
If you are configuring our free DNS resolvers, you can get the IPs from this page: https://controld.com/free-dns
-
Select the configuration you want to use from the list:
-
Then copy the Legacy Resolver IP address that appears at the bottom of the page:
Custom Resolver
If you are configuring a custom Legacy DNS resolver:
-
Create a new "Other" Router Device on your Control D Dashboard. Link it to a Profile (or create a new Profile if you don't have one) and finally make sure to enable the Legacy Resolver option under Advanced Settings. Then press Add Device:
-
Expand the Legacy DNS section where you will see the IP addresses to use for the setup. Do NOT copy the same IPs from the screenshot, copy the ones from your account specifically.
Step 5
Back in the router interface, in the DNSv4 Servers section, enable the Use other DNSv4 servers option.
Then enter the resolver IPs from the last step into the Preferred and Alternative DNSv4 server fields.
Step 6
Finally, at the bottom of the page press Apply.
Once the router saves the configuration, you are using Control D on your network!
Keep in mind that if you configure a custom DNS on any of the individual devices connected to this router, those devices will not be using the DNS you configured here.
Dynamic IP Warning
This method is subject to your source IP being registered on this Device in the web control panel, so this is best suited for networks with a static IP. If you have a Dynamic IP see Legacy DNS limitations section for solution.
Updated 3 months ago